<?php

// HEADER MANUPULATION STARTS HERE 
global $msisdn;
global $accept_txt;
global $model;
global $wap_profile;
global $Hkey;
global $Remote_add;
global $full_user_agent;
global $wap_profile_link;

$Remote_add	= $REMOTE_ADDR;

// ALL HEADER REALATED TO MOBILE
$headers = getallheaders();


while (list($name, $value) = each ($headers))
{ 
	$name = strtolower($name);
	$wap_profile = 'X';
	if ( $name == "Accept" )
	{ 
		$acc_appln=$value;
	}

	// USER-AGENT :: TO CHECK WHICH MOBILE DESVICE USER USING
	if ( $name == "user-agent" )
	{
		$full_user_agent = $value;
		
		$pos_opera_mini = strpos(strtolower($full_user_agent), 'opera mini');
		if($pos_opera_mini>0)
		{
			$full_user_agent = $headers['X-OperaMini-Phone-UA'];
		}
		
		// FILE INCUDE HAVING FUNCTION FOR DEVICE NAME
		include_once $_SERVER['DOCUMENT_ROOT']."/common/hs_capture.php";

		$model 			= hs_identifier($full_user_agent);
		$model_to_DB 	= $model;
		$model 			= strtolower(trim($model));
	
		$nhandset = $value;
	}

	//CHECK WHICH PROFILE IS SUITABLE FOR MOBILE (XHTML/WML)
	if ( ($name == "x-wap-profile") || ($name == "profile"))
	{
		$wap_profile = $value;
		$wap_profile_link = $value;
	}
	
	//USER APN IP
	if(strtolower($name) == 'x-forwarded-for')
	{
		$nf_remote_ip = $value;
	}
	
	// FOR IDEA HEADER //X-NOKIA-PREPAIDIND ---- ENABLE FOR IDEA PLAN TYPE ONLY
	/*
	if(strtolower(trim($name)) == "x-nokia-prepaidind")
	{
		$plan_value = $value;		
	}
	*/

	//FOR IDEA HEADER
	if ( $name == "cookie" ) 
	{ 
		$ref	= array();
		$ref	= explode (";", $value);
		for($i=0; $i<count($ref); $i++)
		{
			$ref1	= array();
			$ref1 	= explode ("=", $ref[$i]);
			
			if($ref1[0]=='User-Identity-Forward-msisdn')
			{
				if($REMOTE_ADDR == '165.21.42.84')
					$SingTelUid = $ref1[1];
				else
					$msisdn 	= $ref1[1];
			}
					
			if($ref1[0]=='apn')
				$apn=$ref1[1];
		}
	}

	//GETTING MSISDN FROM DIFFRENT NAME PARAMETER :: CONDITION TO GET THE MSISDN FROM THE VARIOUS HEADERS SPECIFIED
	if ((strtolower($name) == "x-msisdn")||(strtolower($name) == "msisdn")||($name == "x-up-calling-line-id") || ($name == "x-wsb-identity")||(strtolower($name) == strtolower("X-Nokia-msisdn"))||(strtolower($name) == strtolower("X-wap-clientid"))||(strtoupper($name) == strtoupper("x-msisdn")) || (strtolower(trim($name)) == strtolower("_rapmin")) || (strtolower(trim($name)) == strtolower("MSISDN")) || (strtolower(trim($name)) == strtolower("XMSISDN")) || strtolower(trim($name)) == strtolower("x-mdn") || (strtolower(trim($name)) == strtolower("X-WAP-Network-Client-MSISDN")) || (strtolower(trim($name)) == strtolower("User-Identity-Forward-msisdn")))
	{
		if(strlen(trim($value)) > 0) 
		{
			$msisdn = $value;	
		}
	}
	
	
	//FOR MTS - INTERNET PROFILE
	if(strtolower(trim($name)) == "mdn")
	{
		$msisdn = $value;
	}

	//MAKING MSISDN 12 DIGITS
	if(strlen($msisdn) == 10)
	{
		$msisdn = "91".$msisdn;
	}
	
	// WRITTEN DIFFRENTLY FOR CAPTURING MORE DATA FROM RCOM  
	if(strtolower(trim($name)) == strtolower("_rapmin"))
	{
		$rapmin = 1;
	}
	
	//MOBILE NUMBER IN HEADERS IS COMING IN THE FOLL FORMAT 919835140859, 97.253.26.143
	//FROM RELIANCE WAP GATEWAY - SO CHANGES MADE ACCORDINGLY
	$pos = strpos($msisdn, ",");
	if($pos > 0)
	{
		$temp_arr 	= explode(",", $msisdn);
		$msisdn 	= trim($temp_arr[0]);
	}
	
	//MOBILE NUMBER IN HEADERS IS COMING IN THE FOLL FORMAT +919835140859
    //SO CHANGES MADE ACCORDINGLY
	$msisdn = trim(str_replace('+','',$msisdn));
}

$model_key 		= strtolower($model);

//NEW FEATURE TO READ HANDSET DETAILS FROM XML INSTEAD OF ARRAY DATA FILE
include $_SERVER['DOCUMENT_ROOT']."/handset_support/handset_xml_reader.php";

//IMPLEMENTED CODE BELOW TO INCORPORATE NEW HANDSET CONFIGURATION ON THE FLY. ONCE IMPLEMENTED
//SUCCESSFULLY NEED TO STOP INCLUSION HANDSET_XML_READER.PHP AND INCLUDE HANDSET_XML_READER_V2.PHP


/* if(in_array($model_key, $edge_handset)) 
	$htype="edge";
else
	$htype="gprs";
 */
$fst_chr_model		= trim(strtolower(substr($model, 0, 1)));
$model_key			= strtolower($model);

//NEW LOG FOR NEW HANDSETS AS PER NEW FUNCTION
if(!$Hkey)
{
	$ldate		= date("dmy");
	$lgdate		= date("dmyHis");
	$logString	= "$lgdate|$model_to_DB|$full_user_agent|$wap_profile_link|$fst_chr_model|$model_key|$Hkey|$client_group";
	$fname 		= $_SERVER['DOCUMENT_ROOT']."/webdata/devs/wapsite/logs/apps/all_new_hs_log_$ldate.txt";
	$handle		= fopen($fname, "a");

	fwrite($handle,"\n".$logString);
	fclose($handle);
}

$three_Hkey =1;

//CHTML and HTML to XHTML
if($browser_support_id==173 || $browser_support_id==175)
{
	$browser_support_id = 172; 
}

//DEFAULT BROWSER SUPPORT AS XHTML ON
if($Hkey == 0)
{
	$browser_support_id = 172; 
}

//DEFAULT CONTENT SETTING FOR WP, ANI AND POLY AND LOGO WIDTH
if($logo_wd==0) $logo_wd = 166;								//default 166x20 banner
if($wp_support_id == 0) $wp_support_id = 190;				//default wallpaper size changed to 320x320 requested
if($poly_support_id == 0) $poly_support_id = 30;			//default polytone 4 channel midi
if($ani_support_id == 0) $ani_support_id = 15;				//default animation 176x176
if($sms_poly_support_id == 0) $sms_poly_support_id = 78;	//default sms polytone 4 channel midi


//FUNCTION TO CAPTURE VISISTOR USER INFORMATION
function visitor_log($msisdn,$model=0,$Remote_add=0,$zid=0,$circle_id=0,$operator_id=0,$land_from='',$id='')
{
	global $full_user_agent;
	global $wap_profile_link;
	
	$date		= date("dmy");
	$pdate		= date("dmyHis");
	$conString	= "$msisdn|".substr($model,0,150)."|".substr($Remote_add,0,30)."|$zid|$circle_id|$operator_id|$pdate|".substr($full_user_agent,0,150)."|".$land_from."|".$id;
	$fname 		= $_SERVER['DOCUMENT_ROOT']."/webdata/devs/wapsite/logs/visitors/visitor_log_$date.txt";
	
	$handle 	= fopen($fname, "a");
	fwrite($handle,"\n".$conString);
	fclose($handle);
	chmod($fname, 0777);
	
}
/// FUNCTION TO CAPTURE USER INFORMATION -- END 


//MSC SYSTEM
if($msisdn)
{
	//RELIANCE HAS BEEN RENAMED TO RCOM
	include $_SERVER['DOCUMENT_ROOT']."/common/get_mdn_data.php";
}

//ASSISTANCE IN DOWNLOAD FILES
include $_SERVER['DOCUMENT_ROOT']."/common/functions_for_download_assistance.php";

//CLSSEST BANNER SIZE
function closest_banner($array, $number)
{
 if(!in_array($number,$array))
	{
		foreach($array as $arr_key => $val)
		{
			
			if($number>$val)
			{
				continue;
			}
			else
			{
				if($arr_key!=0) $arr_key=$arr_key-1;
				$low_data	= $array[$arr_key];
				$arr_key	= $arr_key+1;
				$high_data	= $array[$arr_key];
				$diff_low	= $number-$low_data;
				$diff_high	=  $high_data-$number;
				if($diff_high>$diff_low)
				{
					return $low_data;
				}else
				{
					return $high_data;
				}
				break;
				
			}
		}
	}
	else
	{
		return $number;
	}
}

//CHANGES DONE ONLY FOR RCOM --- RCOM SENDING RAPMIN 
if($rapmin == 1)
{
	if(strlen($msisdn)>10)
	{
		$msisdn = substr($msisdn,2,10);
	}
	$operator_name 	= 'rcom';
	$operator_id 	= '31';
	
	if($circle_id == '' && $circle_name == '')
	{
		$circle_id 		= '31';
		$circle_name 	= 'others';
	}
}


$array 		= array(97,115,118,128,166,170,176,200,230,240,320,340,360,480,800,1280);
$logo_wd 	= closest_banner($array, $logo_wd);

//THIS CODE PREVENT FROM HACKING OR OTHER XSS METHOD
function safe($data)
{
	// Fix &entity\n;
	$data = str_replace(array('onmouseover','alert','prompt'), array('','',''), $data);
	$data = str_replace(array('onMouseOver','Alert','Prompt'), array('','',''), $data);
	$data = str_replace(array('&amp;','&lt;','&gt;'), array('&amp;amp;','&amp;lt;','&amp;gt;'), $data);
	$data = preg_replace('/(&#*\w+)[\x00-\x20]+;/u', '$1;', $data);
	$data = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $data);
	$data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');

	// Remove any attribute starting with "on" or xmlns
	$data = preg_replace('#(<[^>]+?[\x00-\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);

	// Remove javascript: and vbscript: protocols
	$data = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([`\'"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iu', '$1=$2nojavascript...', $data);
	$data = preg_replace('#([a-z]*)[\x00-\x20]*=([\'"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iu', '$1=$2novbscript...', $data);
	$data = preg_replace('#([a-z]*)[\x00-\x20]*=([\'"]*)[\x00-\x20]*-moz-binding[\x00-\x20]*:#u', '$1=$2nomozbinding...', $data);

	// Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
	$data = preg_replace('#(<[^>]+?)style[\x00-\x20]*=[\x00-\x20]*[`\'"]*.*?expression[\x00-\x20]*\([^>]*+>#i', '$1>', $data);
	$data = preg_replace('#(<[^>]+?)style[\x00-\x20]*=[\x00-\x20]*[`\'"]*.*?behaviour[\x00-\x20]*\([^>]*+>#i', '$1>', $data);
	$data = preg_replace('#(<[^>]+?)style[\x00-\x20]*=[\x00-\x20]*[`\'"]*.*?s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*+>#iu', '$1>', $data);

	// Remove namespaced elements (we do not need them)
	$data = preg_replace('#</*\w+:\w[^>]*+>#i', '', $data);

	do
	{
			// Remove really unwanted tags
			$old_data = $data;
			$data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
	}
	while ($old_data !== $data);

	// we are done...
	$data = htmlentities( $data, ENT_QUOTES, 'utf-8' );
	return $data;
	}
	foreach($_REQUEST as $reqkey => $reqvalue)
	{
		$_REQUEST[$reqkey] 	= safe($reqvalue);
		$$reqkey 			= $_REQUEST[$reqkey];
	}
	foreach($_POST as $postkey => $postvalue)
	{
		$_POST[$postkey] 	= safe($postvalue);
		$$postkey 			= $_REQUEST[$postkey];
	}
	foreach($_GET as $getkey => $getvalue)
	{
		$_GET[$getkey] 	= safe($getvalue);
		$$getkey 		= $_REQUEST[$getkey];
	}
?>
